| Navigation: |
| Legal Mumblejumble | Introduction | Where to Start | Packet Sniffing 101 | Programming 101 | Proxies | Cracking Techniques | Summary |
| Legal Mumblejumble |
| Before I start ranting about the skills, tools, and knowledge it takes to be a common password cracker. It's important to remember that cracking is against every online services TOS, Term(s) Of Service, and charges could be pressed against anyone involved. It's also extremely important for you to realize that I, Christopher da Vinci, am in NO way responsible for your actions. If charges are pressed you may not accuse, Christopher da Vinci, family members, or anyone else who reads this tutorial. Now with all the legal "stuff" out of the way, enjoy. |
| Back to Top |
| Introduction |
| Yes, I am a password cracker. Not the most glamorous lifestyle but it will on the other hand "cure what ills ya". I've traveled down basicly every path to hacking. Nowadays I pretty much stay close to home and code crackers for others but from time to time I get my hands dirty. Password crackers impress me for one reason, you never know when they're coming. Everything could be fine and the next second your account won't login and your credit card is maxed out. Not every cracker is a bad person but alot of them are after the high scores; system access, pin numbers, and social security numbers. This tutorial isn't really for that kind of person this is for the common password cracker, the email cracker. Though cracking pin numbers and all that is fun but you can't expect to start at the top, can you? |
| Back to Top |
| Where to Start |
| First, get yourself a good PACKET SNIFFER. This is
an important tool to have when trying to find out how the login works.
Personally I use CommView Packet Monitor v3.1 by TamoSoft Inc., it cost
around $100, but that's where software cracking comes into play. Packet
sniffers allow you to view everything being sent from your computer to
another network but it also shows everything being sent from that network
to your computer. Sometimes, on lonely nights, I just sit and watch the
packets fly across my screen, god I'm pathetic. Now that you've all
laughed at me lets move on... Secondly, learn to PROGRAM. Yes, THIS MEANS YOU! Stop crying man it's going to be okay. I've been programming for about ten years give or take. Since you're probably not an advanced programmer, PUT THE HTML BOOK AWAY, I suggest starting out with something simple like Visual Basic or even Delphi. You need programming skills, just small ones, to make simple programs that will run a PASSWORD LIST (more on this later), through a login via WINSOCK (more on this later). Thirdly, READ EVERYTHING! Get a well rounded understanding of how CGI, PHP, ASP, JSP, and LOGIN'S work. Sometimes when your cracker isn't doing it's job correctly you have to make corrections that only having this knowledge will fix. It will also give you an advantage over the other crackers out there. When two crackers go after the same account the faster more knowledgeable one always will win. Fourthly, make notepad your close and personal friend. You will be using this amazing fantastic piece of software to write all your PASSWORD LISTS. Password lists contain, you guessed it, a list of passwords. I usally make a custom password list based on the account I'm trying to crack but many people use the biggest list they can 'find' and just run it over and over, these people will never have the skills you will. Finally, get use to the dark! "I boogie, I like the night life." |
| Back to Top |
| Packet Sniffing 101 |
| First, load a webpage, e.g. www.mail.com, then
minimize the browser window and open your packet sniffer.
Secondly, start the sniffer, in CommView it's the button with the PLAY icon. Thirdly, go back to the browser window and login. Once you're logged in then go back to the packet sniffer. Press the stop button and look through the packets. Look for the packet that resembles this: POST /scripts/common/proxy.main HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */* Referer: http://www.mail.com/ Accept-Language: en-us Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461;) Host: www.mail.com Content-Length: 98 Connection: Keep-Alive Cache-Control: no-cache Cookie: loginName=username@email.com action=login&show_frame=Enter&mail_language=us&login=username@email.com&password=letmein&x=143&y=18POST is the method of the form, the 'half' url is the suffix and the HOST is the prefix. The longer url at the very bottom is the sub-suffix. Then by placing them in order; prefix/suffix?sub-suffix, will make the full url. e.g. www.mail.com/scripts/common/proxy.main?action=login&show_frame=Enter&mail_language=us&login=username@email.com&password=letmein&x=143&y=18 This may look a little strange at frist but if you place the above url, replacing username@email.com with your email and letmein with your password, it will log you right in. So now you know the full path to logging in, which will allow you to crack. |
| Back to Top |
| Programming 101 |
Now I'm not going to go into phenomenal detail you
should really read a book or online tutorial on programming. I'm just
gonna give a vague overall description of programming a cracker. I
mentioned, earlier, WINSOCK (Windows Sockets). This is for all you Visual
Basic programmers out there, the only reason I'm sticking to VB
terminology is because that's the language choice for newbies. Briefly I'm
going to talk on the bells and whistles of a cracker. Listbox for the
passwords to be loaded into, more advanced programmers will just read the
file without listboxes. Textbox for the account you want to crack and may
even a statusbar so the user knows whats going on. Okay back to winsock,
you basicly put the host as host in preferences and the port to 80 (HTTP
Port). Now go back to the form and double click the winsock icon that you
placed on the form. This opens up the coding area of winsock. Inside the
'connect' function you would put something similar to this: Dim Str As String
Str = "GET /scripts/common/proxy.main?action=login&show_frame=Enter&mail_language=us&login=" & text1.text & _
"&password=" & text2.text & "&x=143&y=18" HTTP/1.1" & vbCrLf
Str = Str & "Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*" & vbCrLf
Str = Str & "Accept-Language: en-us" & vbCrLf
Str = Str & "Content-Type: application/x-www-form-urlencoded" & vbCrLf
Str = Str & "Accept-Encoding: gzip, deflate" & vbCrLf
Str = Str & "Host: www.mail.com" & vbCrLf
Str = Str & "Connection: Keep-Alive" & vbCrLf
Str = Str & "Cache-Control: no-cache" & vbCrLf & vbCrLf
Socket.SendData StrWhere text1.text is the textbox for the username
and text2.text is the textbox for the password. Then go to the 'data arrival' function and you may code something like this: Dim Data As String
Socket.GetData Data
If InStr(1, Data, "<title>Mail.com</title>") Then
MsgBox "Wrong"
Exit Sub
ElseIf InStr(1, Data, "Title: 302 Moved") Then
MsgBox "Cracked: " & text1.text & " - " & text2.text
Exit Sub
End If
In each 'instr' you're looking for a KEYWORD that appears if the
login is incorrect or correct then once it finds it, tell you the results
via msgbox. For finding keywords login with a correct username and
password while packet sniffing then do the same with a wrong username and
password. |
| Back to Top |
| Proxies |
| Proxies are basicly the authority to act for another and that's exactly what they do. Proxies mask, hide, your IP (Internet Protocol) Address. You can find thousands of websites that offer public proxies, updated every hour or day, that just basicly means that these proxies can be used by anyone at anytime. Proxies are a crackers best friend. They can literary save your ass when push comes to shove. I'm sure you have been wondering how crackers don't get busted? Proxies are the answer. When companies log ip's they will just be tracing a proxy which wont lead back to you. Alot of crackers use multiple proxies, one connects to another and so on. Depening on the bandwidth of the proxy and the connection type can increase or decrease your cracking. I suggest you look deeper into this topic if your serious about becoming a cracker. |
| Back to Top |
| Cracking Techniques |
| There are only three main techniques that come to mind when I think of password crackers; manual, info, and brute. In Programming 101, above, that was part of my source code to a Mail.com manual cracker. Which means you basicly 'guess' the password, one password at a time. I, personally, refer to manual crackers as 'snipers' due to the "one shot, one kill" approach they bring to cracking. Info cracking is for those that have no life, like myself. I love, with a passion, info cracking. Info crackers take time to research their victim, get to know them personaly from a far, then use that information to 'guess' their password or use the "forgot password" service most companies provide. Brute crackers better known as Brute Forcers load the biggest, ugliest, ungodliest password list they can find, or make, and run it for days until they have successfully gained access. Now if I'm planning on taking down a large number of accounts at anygiven time then I'm all for brute forcing but otherwise it's to freaking sloppy for me, personally. |
| Back to Top |
| Summary |
| Well folks I hope you enjoyed the textfile. Check out my page at www.cracker.host.sk for other pieces of work by me. I'm out of here. |
| Back to Top |